Manualshelf

Owners manual

ManualsBrandsARUBA NETWORKS ManualsComputers & LaptopsAruba Instant IAP-325 IEEE 802.11ac 1.69 Gbit/s Wireless Access Point - 2.40 GHz, 5 GHz - 8 x Antenna(s) - 8 x Internal Antenna(
361362363364365366367368369370
367 | IAP-VPN Deployment Scenarios Aruba Instant 6.4.0.2-4.1 | User Guide
Scenario 2 - IPSec: Single Datacenter with Multiple Controllers for
Redundancy
This scenario includes the following configuration elements:
l A VRRP instance between the master/standby-master pair, which is configured as the primary VPN IP address.
l Tunneling of all traffic to datacenter.
l Exception route to bypass tunneling of RADIUS and AirWave traffic, which are locally reachable in the branch
and the Internet respectively.
l All client DNS queries are tunneled to the controller.
l Distributed L3 and Centralized L2 mode DHCP on all branches. L3 is used by the employee network and L2 is
used by the guest network with captive portal.
l Wired and wireless users in L2 and L3 modes.
l Access rules defined for wired and wireless networks.
Topology
Figure 139 shows the topology and the IP addressing scheme used in this scenario.
Figure 139 Scenario 2 - IPSec: Single Datacenter with Multiple controllers for Redundancy
The following IP addresses are used in the examples for this scenario:
l 10.0.0.0/8 is the corporate network
l 10.20.0.0/16 subnet is reserved for L2 mode used for guest network
l 10.30.0.0/16 subnet is reserved for L3 mode
l Client count in each branch is 200